authenticationauthentikauthorizationkubernetesoauth2oauth2-clientoauth2-serveroidcoidc-clientoidc-providerproxyreverse-proxysamlsaml-idpsaml-spsecuritysso
7f39399c32
* Added auto-generated uidNumber and guidNumber generated attributes for use with SSSD and similar software. The starting number for uid/gid can be configured iva environtment variables and is by default 2000 which should work fine for most instances unless there are more than 999 local accounts on the server/computer. The uidNumber is just the users Pk + the starting number. The guidNumber is calculated by the last couple of bytes in the uuid of the group + the starting number, this should have a low enough chance for collisions that it's going to be fine for most use cases. I have not added any interface stuff for configuring the environment variables as I couldn't really find my way around all the places I'd have to edit to add it and the default values should in my opinion be fine for 99% use cases. * Add a 'fake' primary group for each user * First attempt att adding config to interface * Updated API to support new fields * Refactor code, update documentation and remove obsolete comment Simplify `GetRIDForGroup`, was a bit overcomplicated before. Add an additional class/struct `LDAPGroup` which is the new argument for `pi.GroupEntry` and util functions to create `LDAPGroup` from api.Group and api.User Add proper support in the interface for changing gidNumber and uidNumber starting points * make lint-fix for the migration files |
||
|---|---|---|
| .github | ||
| authentik | ||
| cmd/server | ||
| internal | ||
| lifecycle | ||
| outpost | ||
| scripts | ||
| tests | ||
| web | ||
| website | ||
| xml | ||
| .bumpversion.cfg | ||
| .dockerignore | ||
| .editorconfig | ||
| .gitignore | ||
| Dockerfile | ||
| LICENSE | ||
| Makefile | ||
| Pipfile | ||
| Pipfile.lock | ||
| README.md | ||
| SECURITY.md | ||
| azure-pipelines.yml | ||
| docker-compose.yml | ||
| go.mod | ||
| go.sum | ||
| manage.py | ||
| pyproject.toml | ||
| pyrightconfig.json | ||
| schema.yml | ||
README.md
What is authentik?
authentik is an open-source Identity Provider focused on flexibility and versatility. You can use authentik in an existing environment to add support for new protocols. authentik is also a great solution for implementing signup/recovery/etc in your application, so you don't have to deal with it.
Installation
For small/test setups it is recommended to use docker-compose, see the documentation
For bigger setups, there is a Helm Chart [here])(https://github.com/goauthentik/helm). This is documented here
Screenshots
| Light | Dark |
|---|---|
 |
 |
 |
 |
Development
Security
See SECURITY.md